Search resource list
FU_Rootkit
- hide processes, elevate process privileges, fake out the Windows Event Viewer so that forensics is impossible, and even hide device drivers (NEW!) All this without any hooking.
HookImport_src
- Enclosed is MFC source code for a function which can be used to hook any imported function call which your application makes. Since most of the Win32 API is implemented using import functions in dlls, this means that you hook Win32 API calls. This is
TrackUserIdle_src
- The approach used here is really a simple one. We intercept the mouse and keyboard activities of the user by hooking into the OS's mouse and keyboard events using the API SetWindowsHookEx(). It is important to note that the hooks we are installing ar
Hook_Windows_API
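- This article is about methods for hooking API functions on OS Windows. All examples work on NT-based Windows versions from NT 4.0 onward (Windows NT 4.0, Windows 2000, Windows XP). They may also work on other Windows systems. You should be fairly familiar with Windows processes, assembler, the PE file structure and some API functions to understand the content of this article. The term "Hooking API" is used here to mean a complete modification of the API. When a hooked API is called, our code is executed immediately. I will write out the complete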
wipfw
- 1. logamount, resetlog, frag options support 2. dynamic rules support 3. ndis-hooking driver (for NAT and other)
hooking-api
- An API hook program that can be used to hook API functions on Windows systems; after modification it will be more powerful.
MCH_Demos
- "process wide": some demos about hooking APIs/code in your own process OS independent "system wide": several demos about system wide API hooking (using hook dlls) OS independent "system wide - win9x only": one demo which sho
_soviet_direct_hooking_src
- Hooking the kernel directly
afti
- A new method of propagation for computer viruses is here presented, Automated File Transfer Infection (AFTI). This method is specific for the Microsoft® Windows® NT/2000/XP/Server 2003 platforms, albeit it may be extended to the 95/98/
SDTrestore
- Win32 Kernel Rootkits modify the behaviour of the system by Kernel Native API hooking. This technique is typically implemented by modifying the ServiceTable entries in the Service Descriptor Table (SDT). About hooks.
hooking
- hook api
startnt_Service
- Hooking the kernel directly
kbdhook
- Low level keypresses hooking library
Function-Hooking-and-Windows-Dll-Injection
- Function Hooking and Windows Dll Injection
Import-Address-Table-Hooking
- Import Address Table Hooking
Inline-Patching-Protected-Applications-(Hooking-A
- Inline Patching Protected Applications (Hooking API Functions)
Hooking-DLLs-using-PEB
- Hooking DLLs using PEB
Hooking
- Hooking gethostbyname requests and replacing them with our own. (Aka: Hijacking malware, blocking websites(Or blocking software updates), and whatever else your imagination leads you to.)
NetRipper
- NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traf
Hooking IAT
- This is a project that hooks the import address table. It is very important to hook the import address table. It is possible to hook something using this project. Thanks.